☰
Flare is a decentralized finance network and liquidity hub built on an EVM-compatible Layer-1 blockchain. It is a scalable smart contract platform designed specifically for DeFi, combining strong security, high performance, and built-in liquidity.
The network includes ready-to-use financial infrastructure such as a trustless exchange, a decentralized stablecoin (aUSD), BNB Liquid Staking (LBNB), and EVM+ compatibility. Through these capabilities, Flare allows developers to access the benefits of traditional EVM networks while also interacting with assets and ecosystems such as XRP and the broader Substrate framework.
Flare 2.0 represents a major evolution of the ecosystem. It introduces improvements that make it significantly easier, safer, and more efficient to use different cryptocurrencies within decentralized finance applications.
With Flare 2.0, assets such as Bitcoin, XRP, and Dogecoin can be utilized within DeFi applications on Flare without relying on traditional cross-chain bridges, which often introduce additional security risks.
The upgrade also introduces advanced technologies that enhance protection for both user funds and smart contracts. Applications built on Flare will be able to interact with assets from multiple blockchains, creating a more interconnected and powerful decentralized ecosystem.
For users who hold Flare tokens, the upgrade also brings additional opportunities. Early contributors benefit from expanded reward mechanisms, including allocations, staking, and delegation options that allow participants to actively contribute to network security while earning rewards.
Flare is not simply a network for settling transactions at a fraction of the gas cost found on many other chains. It represents a broader vision for the future of decentralized finance — one where assets, data, and applications can move seamlessly across ecosystems.
In essence, Flare aims to become the infrastructure that powers truly seamless cross-chain transactions and next-generation decentralized applications.
The core promise of a smart contract platform lies in providing a global distribution layer for financial products, empowering users to transact without reliance on intermediaries or the fear of censorship. However, since their inception, developers have struggled to create applications that match the functionality and user experience of Web2 apps. This is mainly due to the computational limits and siloed nature of smart contract platforms, which constrain what developers can build safely.
As a result, while digital assets have gained traction as an asset class, the range of on-chain use cases remains notably limited. To drive the industry forward, it is essential to expand the possibilities developers can achieve through their code.
This expansion will be enabled by:
Critically, these aspects are most valuable to users only if decentralization is preserved in building out these capabilities.
This article explores how Trusted Execution Environments (TEEs), integrated with Flare’s data protocols, enable Protocol Managed Wallets - a system that allows protocols built on Flare to execute cross-chain transactions directly while preserving decentralization, trustlessness, and freedom from censorship.
Flare today is an EVM-powered smart contract chain with two enshrined data protocols. These protocols, namely the Flare Time Series Oracle (FTSO) and the Flare Data Connector (FDC), represent the industry's most advanced and fully decentralized data oracles.
They empower Flare to acquire price, Web2, and blockchain data swiftly, safely, and effortlessly. Today, developers can leverage these capabilities to build products on Flare that would be challenging or unsafe to build elsewhere. Now, we are going even further.
A TEE is a secure computing environment, isolated within the hardware, that shields it from its parent operating system – thereby preventing tampering or unauthorized access to its memory.
For blockchain applications, TEEs offer substantial compute resources with two highly desirable features:
Protocol Managed Wallets (PMW) are addresses on other blockchains that are exclusively authorized to execute transactions based on valid outputs from protocols on Flare.
This effectively extends Flare’s consensus across chains and enables full chain abstraction.
The PMW system can also improve Flare’s own data protocols by confirming data attestations from Flare’s validators in near real-time.
As mentioned in the ‘Introducing Trusted Execution Environments’ section above, a TEE is a device that allows for computations to be made privately and for those computations to be verifiable. In the context of Protocol Managed Wallets, a TEE can hold and employ a private key (or multiple private keys) for signing transactions.
Crucially, when set up properly and assuming that the TEE manufacturer has not allowed any potential exploits to make its way into the hardware, the private key remains irretrievable by any entity other than the device itself. In other words, no person, entity, or device can obtain that private key except for the device itself.
A TEE holding a private key can be programmed to use this private key to sign a transaction based on any input. For example, a signature could be generated based on an input from a mobile application. However, under the PMW framework, the TEE is programmed to sign a transaction with its private key only upon receiving a valid set of signatures from Flare’s validators, as determined by the Flare Systems Protocol (FSP).
Critically, this signing constraint is embedded within the TEE's code and is verifiable. That is, it can be confirmed that the TEE is executing only authorized instructions, and that these instructions are immutable and cannot be overridden.
Full details on how the TEE receives information regarding the transaction to be signed and the criteria constituting a valid set of signatures will be elaborated upon in a forthcoming paper on Flare’s Protocol Managed Wallets.
In essence, from the perspectives of both developers and users, the PMW allows protocols on Flare (and only those protocols), through Flare’s consensus mechanism, to securely and reliably control the TEE's signing capabilities.
A TEE empowers the outputs of a protocol on Flare, via Flare's consensus protocol, to govern assets and actions on other networks. For instance, it could facilitate sending 1 BTC to Sally as the result of a bet executed on Flare. This effectively extends Flare’s execution capabilities beyond its own boundaries, thereby substantially enhancing its overall functionality.
However, if the PMW were based on a single TEE, there would be two significant risks:
A lack of redundancy would become problematic if the TEE becomes non-operational for any reason. For example, the location or data center hosting the TEE might experience an outage due to a power issue. This is clearly undesirable for both users and applications.
An exploit targeting the TEE could compromise the private key, leading to a loss of funds held in the addresses controlled by the TEE.
The Protocol Managed Wallet design mitigates both of these risks by implementing a multi-signature (multisig) scheme involving numerous TEEs.
Under this scheme, a transaction on an address controlled by the PMW can only occur with the agreement of a quorum of globally distributed and distinct TEEs each of which is programmed to only sign in response to a consensus output from Flare.
The architecture is designed to be robust, with TEEs located across the globe to reduce the risk of liveness issues.
Furthermore, the set of TEEs includes, in appropriate proportions, TEEs manufactured by different hardware providers, ensuring that an exploit affecting a particular type of TEE hardware cannot result in a complete loss of funds.
The distribution and types of TEE used will be expanded over time to maximize the safety and liveness characteristics of the PMW system.
Detailed specifications will be outlined in Flare's forthcoming documentation on Protocol Managed Wallets.
This article has outlined Flare’s Protocol Managed Wallets and how they can be used as a tool to enable chain abstraction and novel use cases.
Two near term protocols are being built using these capabilities:
In essence, Protocol Managed Wallets represent a significant expansion of blockchain's potential, providing Flare protocols with the means to manage assets and execute transactions across diverse chains through a secure and decentralized system.
This unique combination of TEEs with Flare's core data protocols enables PMWs to extend Flare's consensus, opening up a new landscape of cross-chain functionality and innovative applications.
As we look ahead, Flare's vision will transcend cross-chain assets management. Our next discourse will highlight how these TEEs and Flare's data protocols enable verifiable compute capabilities, allowing for use cases and apps that were once only thought of in theory, establishing Flare as a trailblazing smart contract platform.